Re: GMail SMTP: no authenticators available?
On Tue, Jan 26, 2021 at 10:32 -1000, Baron Fujimoto wrote:
> - I don't seem to have /usr/lib/libsasl2.2.dylib
Me neither actually, but it still works:
# ls /usr/lib/libsasl2.2.dylib
ls: /usr/lib/libsasl2.2.dylib: No such file or directory
# otool -L ~/bin/mutt
/Users/robin/bin/mutt:
[...]
/usr/lib/libsasl2.2.dylib (compatibility version 3.0.0, current version
3.15.0)
[...]
I believe Big Sur has started to do some magic there where libraries
are stored elsewhere.
> - Assuming I did have an alternate version of libsasl2 available, how would I
> link to that library specifically when building mutt?
Try simply uninstalling the MacPorts version ("port uninstall
cyrus-sasl2") and then recompiling mutt from scratch just as before.
That worked for me and now picked up the system's version of the
libsasl.
> Also using MacOS 11.1, if that helps
Same here.
Robin
--
Robin Sommer * ICSI/LBNL * ro...@icir.org * www.icir.org/robin
Re: GMail SMTP: no authenticators available?
On Fri, 22 Jan 2021, Robin Sommer wrote: On Wed, Jan 20, 2021 at 16:22 -1000, Baron Fujimoto wrote: Our org's email is hosted by Gmail (via GSuite). I had been using neomutt (built from MacPorts) successfully for years. Maybe I can point you in some useful direction: I had exactly this problem with a self-built mutt recently after upgrading macOS and rebuilding all the ports (and mutt). It took me a while to find what was going on: MacPorts' libsasl2 seemed to have trouble with GMail. I uninstalled that and had mutt link against /usr/lib/libsasl2.2.dylib, and everything went back to working normally for me. Now, here's the funny thing: as I'm writing this, I just double checked my mutt binary. Turns out it's back to linking against MacPorts (now /opt/local/lib/libsasl2.3.dylib). I've rebuilt mutt in the meantime a couple of times, so things must have reverted. But it's all still working fine, which probably means that it was libsasl2 version thing somehow that's been corrected by now. Hmm, I'm certainly willing to test that out, but a couple of hurdles: - I don't seem to have /usr/lib/libsasl2.2.dylib (I can't find any libsasl2* in /usr) - Assuming I did have an alternate version of libsasl2 available, how would I link to that library specifically when building mutt? I do have the following MacPorts installed versions available: /opt/local/lib/libsasl2.3.dylib /opt/local/lib/libsasl2.dylib Also using MacOS 11.1, if that helps
Re: GMail SMTP: no authenticators available?
On Wed, 20 Jan 2021, Will Yardley wrote: On Wed, Jan 20, 2021 at 04:22:04PM -1000, Baron Fujimoto wrote: The following in my muttrc was used successfully util this problem began: set smtp_url = smtp://u...@example.org@smtp.gmail.com Do you have smtp_authenticators (unset by default) set? set smtp_url = "smtps://lu...@example.com@smtp.gmail.com" set smtp_authenticators = 'gssapi:login' Are you using an "app password"? Typically, you'll need to (at least I did) https://support.google.com/mail/answer/185833?hl=en-GB If not, you may want to switch to one. If so, you may want to make sure it's still active, and check to see if your organization changed any policies that might be causing the issue, whether that's disabling certain protocols, or enforcing MFA. FWIW, when I was using gsuite with Mutt (for work), I would typically have to auth once for IMAP and once for SMTP. Good idea trying alternate ports, but you may also want to doublecheck that your provider is not blocking or hijacking SMTP (and see what you get using telnet and / or openssl s_client to connect to smtp.gmail.com directly). Kevin's suggestion should also help show any issues along those lines. w Sorry, I should have added that I do not have smtp_authenticators set, so it should be trying all available as the default. I also tried using an app password, which also works for IMAP, but not for SMTP, same as before. The "No available authenticators" error occurs before I am even prompted for a password when trying to send. When I experiment with "openssl s_client", I can only connect to port 465, but I don't see any obvious problems there either. I'm not quite sure how to satisfiy GMail's AUTH requirements via interactive SMTP commands. (I tried AUTH LOGIN, with base64 encoded responses to Username: and Password: but get a Bad Credentials response using either my app password or original password). Below is a excerpt of "mutt -d 2" output. Based on what I see there, it doesn't appear that them SMTP is being hijacked. But apparently not even LOGIN or PLAIN AUTH mechanisms appear to be available to mutt? - Sending message... Looking up smtp.gmail.com... Connecting to smtp.gmail.com... ssl_load_certificates: loading trusted certificates ssl_socket_open: Error loading trusted certificates ssl_verify_callback: checking cert chain entry /OU=GlobalSign Root CA - R2/O=GlobalSign/CN=GlobalSign (preverify: 1 skipmode: 0) ssl_verify_callback: checking cert chain entry /C=US/O=Google Trust Services/CN=GTS CA 1O1 (preverify: 1 skipmode: 0) ssl_verify_callback: checking cert chain entry /C=US/ST=California/L=Mountain View/O=Google LLC/CN=smtp.gmail.com (preverify: 1 skipmode: 0) ssl_verify_callback: hostname check passed TLSv1.3 connection using TLSv1.3 (TLS_AES_256_GCM_SHA384) Connected to smtp.gmail.com:465 on fd=8 8< 220 smtp.gmail.com ESMTP s76sm6536334pfc.35 - gsmtp 8> EHLO MacBook-Pro.local 8< 250-smtp.gmail.com at your service, [192.160.100.100] 8< 250-SIZE 35882577 8< 250-8BITMIME 8< 250-AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH 8< 250-ENHANCEDSTATUSCODES 8< 250-PIPELINING 8< 250-CHUNKING 8< 250 SMTPUTF8 SASL local ip: 172.19.100.162;59923, remote ip:74.125.20.109;465 External SSF: 256 External authentication name: u...@example.org SASL: No worthy mechs found smtp_auth_sasl: LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH unavailable No authenticators available mutt_free_body: unlinking /var/folders/2y/zz20bmnx69zbk82vm71syr5wgp/T//mutt-MacBook-Pro-502-51733-18433303713026120095. Mail not sent. - (email address and client IP address redacted)
Re: GMail SMTP: no authenticators available?
On Fri, Jan 22, 2021 at 13:48 +, I wrote: > so things must have reverted. But it's all still working fine I take that back: the problem persists when linking against MacPorts' libsasl2. Linking against the system's library lets SMTP work for me. Robin -- Robin Sommer * ICSI/LBNL * ro...@icir.org * www.icir.org/robin
Re: GMail SMTP: no authenticators available?
On Wed, Jan 20, 2021 at 16:22 -1000, Baron Fujimoto wrote: > Our og's email is hosted by Gmail (via GSuite). I had been using > neomutt (built from MacPorts) successfully for years. Maybe I can point you in some useful direction: I had exactly this problem with a self-built mutt recently after upgrading macOS and rebuilding all the ports (and mutt). It took me a while to find what was going on: MacPorts' libsasl2 seemed to have trouble with GMail. I uninstalled that and had mutt link against /usr/lib/libsasl2.2.dylib, and everything went back to working normally for me. Now, here's the funny thing: as I'm writing this, I just double checked my mutt binary. Turns out it's back to linking against MacPorts (now /opt/local/lib/libsasl2.3.dylib). I've rebuilt mutt in the meantime a couple of times, so things must have reverted. But it's all still working fine, which probably means that it was libsasl2 version thing somehow that's been corrected by now. Robin -- Robin Sommer * ICSI/LBNL * ro...@icir.org * www.icir.org/robin
Re: GMail SMTP: no authenticators available?
On Wed, Jan 20, 2021 at 08:26:11PM -0800 or thereabouts, Will Yardley wrote: > On Wed, Jan 20, 2021 at 04:22:04PM -1000, Baron Fujimoto wrote: > > The following in my muttrc was used successfully util this problem began: > > set smtp_url = smtp://u...@example.org@smtp.gmail.com > Do you have smtp_authenticators (unset by default) set? > set smtp_url = "smtps://lu...@example.com@smtp.gmail.com" > set smtp_authenticators = 'gssapi:login' > Are you using an "app password"? Typically, you'll need to (at least I > did) > https://support.google.com/mail/answer/185833?hl=en-GB I think that's much more likely the issue, though it may need a GSuite domain administrator to enable the feature for users and then the user can set one. Steve -- NetTek Ltd UK mob +44 7775 755503 UK +44 20 3432 3735 / US +1 (650) 423 1390 social id stevekennedyuk Euro Tech News Blog http://eurotechnews.blogspot.com
Re: GMail SMTP: no authenticators available?
On Wed, Jan 20, 2021 at 04:22:04PM -1000, Baron Fujimoto wrote: > > The following in my muttrc was used successfully util this problem began: > > set smtp_url = smtp://u...@example.org@smtp.gmail.com Do you have smtp_authenticators (unset by default) set? set smtp_url = "smtps://lu...@example.com@smtp.gmail.com" set smtp_authenticators = 'gssapi:login' Are you using an "app password"? Typically, you'll need to (at least I did) https://support.google.com/mail/answer/185833?hl=en-GB If not, you may want to switch to one. If so, you may want to make sure it's still active, and check to see if your organization changed any policies that might be causing the issue, whether that's disabling certain protocols, or enforcing MFA. FWIW, when I was using gsuite with Mutt (for work), I would typically have to auth once for IMAP and once for SMTP. Good idea trying alternate ports, but you may also want to doublecheck that your provider is not blocking or hijacking SMTP (and see what you get using telnet and / or openssl s_client to connect to smtp.gmail.com directly). Kevin's suggestion should also help show any issues along those lines. w
Re: GMail SMTP: no authenticators available?
On Wed, Jan 20, 2021 at 04:22:04PM -1000, Baron Fujimoto wrote: Our org's email is hosted by Gmail (via GSuite). I had been using neomutt (built from MacPorts) successfully for years. Recently though, I can no longer send email successfully using GMail's SMTP servers. I get the error, "No authenticators available". IMAP still works fine. This change occurred while I had a neomutt session open; it was working one day when I left, but the next day, no bueno. Do you have $smtp_authenticators set to anything? If so, trying leaving it blank so Mutt can try all possible authenticators it knows about. You might also enable debugging (-d 2) and see if the debug file gives any interesting information. After enabling TLS, the SMTP server would typically send an AUTH line indicating acceptable authentication mechanisms, for example: 250-AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH Since you compiled against SASL, it should be able to handle at least LOGIN and PLAIN. -- Kevin J. McCarthy GPG Fingerprint: 8975 A9B3 3AA3 7910 385C 5308 ADEF 7684 8031 6BDA signature.asc Description: PGP signature
